5 to 90 seconds is obviously very long. Unless the messages you are signing are extremely large, the Sign method should be very quick.
We need to determine which operation is actually causing the slowdown. Does this only happen with SHA-256, or have you tried other algorithms as well?
To determine how long the actual signing operation takes, please try running the following code using the same certificate you pass to Sign method:
using Rebex.Security.Certificates;
using System.Security.Cryptography;
// get the certificate
Certificate certificate = ...;
// create a hash algorithm instance
SHA256 sha256 = SHA256.Create();
// get test data to sign
byte[] data = {1, 2, 3, 4, 5, 6};
// generate a hash
byte[] hash = sha256.ComputeHash(data);
// sign the hash
byte[] signature = certificate.SignHash(hash, SignatureHashAlgorithm.SHA256, true);
// display the result
Console.WriteLine(BitConverter.ToString(signature));
Does this work, and how long does it take?
Then, try the following code:
using Rebex.Security.Certificates;
using System.Security.Cryptography;
// get the certificate
Certificate certificate = ...;
// convert Rebex Certificate to .NET certificate
X509Certificate2 certificate2 = new X509Certificate2(certificate.Handle);
// get certificate private key's RSA CSP
RSACryptoServiceProvider csp = (RSACryptoServiceProvider)certificate2.PrivateKey;
// get test data to sign
byte[] data = {1, 2, 3, 4, 5, 6};
// sign the hash
string simpleName = CryptoConfig.MapNameToOID("SHA256");
byte[] signature = csp.SignData(data, simpleName);
// display the result
Console.WriteLine(BitConverter.ToString(signature));
This does the same thing, but it converts RebexCertificate to .NET certificate and uses RSACryptoServiceProvider object to sign the data. Is this similarly slow?